Evan Prodromou
cd5dc3246e
got two lines reversed
...
darcs-hash:20080827211940-84dde-d5b404023a2fb6b74b6255dd91910c9ec7df3cc6.gz
2008-08-27 17:19:40 -04:00
Evan Prodromou
35ed6f473c
change queue_item to use a compound primary key
...
Breaking up to use multiple queue handlers means we need multiple
queue items for the same notice. So, change the queue_item table to
have a compound pkey, (notice_id,transport).
darcs-hash:20080827211239-84dde-db118799bfd43be62fb02380829c64813c9334f8.gz
2008-08-27 17:12:39 -04:00
Evan Prodromou
f59ead93ee
remove unimplemented methods from XmppDaemon
...
darcs-hash:20080827210429-84dde-90c22dbee16f74f53464dcd538a6dbcf49db4f28.gz
2008-08-27 17:04:29 -04:00
Evan Prodromou
b9f0ea6f0e
break up monolithic xmppdaemon into multiple queue handlers
...
Eventually, the poor xmppdaemon has become overloaded with extra
tasks. So, I've broken it up. Now, we have 5 background scripts, and
more coming:
* xmppdaemon.php - handles incoming XMPP messages only.
* xmppqueuehandler.php - sends notices from the queue out through XMPP.
* smsqueuehandler.php - sends notices from the queue out over SMS
* ombqueuehandler.php - sends notices from the queue out over OMB
* xmppconfirmhandler.php - sends confirmation requests out over XMPP.
This is in addition to maildaemon.php, which takes incoming messages.
None of these are "true" daemons -- they don't daemonize themselves
automatically. Use nohup or another tool to background them. monit can
also be useful to keep them running.
At some point, these might become fork()'ing daemons, able to handle
more than one notice at a time. For now, I'm just running multiple
instances, hoping they don't interfere.
darcs-hash:20080827205407-84dde-97884a12f5f4e54c93bc785bd280683d1ee7e749.gz
2008-08-27 16:54:07 -04:00
Evan Prodromou
adeb19f1f7
clean up username entered at login
...
darcs-hash:20080829225258-84dde-6fee5f0beea62f023c13436b8d7044241bc0d01a.gz
2008-08-29 18:52:58 -04:00
Zach Copley
9fb08ec45e
CSRF protection in remotesubscribe
...
darcs-hash:20080829054038-7b5ce-d0503a8eb7f89a9d2de4aadd4550f4342b943b09.gz
2008-08-29 01:40:38 -04:00
Zach Copley
a034e13bf0
CSRF protection in emailsettings
...
darcs-hash:20080829053337-7b5ce-6d94638c57d185e5d44e02ad458593a3f4de36d9.gz
2008-08-29 01:33:37 -04:00
Evan Prodromou
2dc50d7e37
CSRF protection in user registration
...
darcs-hash:20080829054017-84dde-c9268e5c815934dcbca2451dd6c9016f2ac4a03a.gz
2008-08-29 01:40:17 -04:00
Zach Copley
47726844a0
CSRF protection in recoverpassword
...
darcs-hash:20080829052824-7b5ce-39a8fd299b7a85793ad7a19fe00c93813ca882b6.gz
2008-08-29 01:28:24 -04:00
Evan Prodromou
98e941753b
session token in userauthorization form
...
darcs-hash:20080829052847-84dde-a64918a75f8300ec8fb230202881691066147652.gz
2008-08-29 01:28:47 -04:00
Evan Prodromou
63438008e0
csrf protection in userauthorization
...
darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 01:27:32 -04:00
Evan Prodromou
9b741c4f9a
better client error on CSRF problem with subscribe/unsubscribe
...
darcs-hash:20080829051628-84dde-2a339a35c422afb9ec04f757771764ed43b2c28b.gz
2008-08-29 01:16:28 -04:00
Evan Prodromou
4272da4e9e
CSRF protection for subscription/unsubscription
...
darcs-hash:20080829051104-84dde-9bd23c28c2c8a720046060a33ff3e5f246c47116.gz
2008-08-29 01:11:04 -04:00
Zach Copley
2e239e3fbb
CSRF protection in imsettings.php
...
darcs-hash:20080829035707-7b5ce-69a9ff98390ff8b9671ede948d78fdb37371aac6.gz
2008-08-28 23:57:07 -04:00
Zach Copley
6be7cbc5cd
CSRF protection in smssettings.php
...
darcs-hash:20080829035118-7b5ce-57613e88b29617ea422c7f7003e81ef885e3debb.gz
2008-08-28 23:51:18 -04:00
Evan Prodromou
6afb7f576e
add csrf protection to profile settings
...
darcs-hash:20080829043909-84dde-c70a633c93ab89560bc300817bda66eebf6176cf.gz
2008-08-29 00:39:09 -04:00
Evan Prodromou
9a65f45c45
CSRF protection in openidsettings
...
darcs-hash:20080829042908-84dde-1d1a22dfd3d89c5521aeb9069dc64c5f6dad3a27.gz
2008-08-29 00:29:08 -04:00
Evan Prodromou
d0a466bdb7
swap around some stuff to show the form correctly on a CSRF error in openidlogin
...
darcs-hash:20080829040925-84dde-7195734eeb3df6439c099c1139caf77e2c2ea3c1.gz
2008-08-29 00:09:25 -04:00
Evan Prodromou
42a6492152
CSRF protection for OpenID form
...
darcs-hash:20080829035934-84dde-cf36fd802bed76fdf15ac39b838494a414d5cc1e.gz
2008-08-28 23:59:34 -04:00
Evan Prodromou
d6dd35a66a
add a token for CSRF avoidance
...
darcs-hash:20080829034854-84dde-a636b446dc254aaa77ac65f63be01e49c192bf32.gz
2008-08-28 23:48:54 -04:00
Evan Prodromou
93e67c7133
show error in delete notice
...
darcs-hash:20080829025559-84dde-bd29b5e6750a1ff72bd39e8e76bde325b0313fb8.gz
2008-08-28 22:55:59 -04:00
Evan Prodromou
dd55916d56
CSRF protection in deletenotice
...
darcs-hash:20080829025127-84dde-b3e2eb64b7dd8302037f471f6dba6949e2e15ecc.gz
2008-08-28 22:51:27 -04:00
Evan Prodromou
d3c86d0016
add CSRF protection to avatar
...
darcs-hash:20080829023919-84dde-38e4bf6bddc120a221af5f856d9f88b7a532096b.gz
2008-08-28 22:39:19 -04:00
Evan Prodromou
d146355875
return after failed token
...
darcs-hash:20080829023731-84dde-8920bbaf1e1f171829d0acff3f89ec987deb6368.gz
2008-08-28 22:37:31 -04:00
Evan Prodromou
1df845db78
fix random function name
...
darcs-hash:20080829021854-84dde-818492a31c07dd0921c2a693095ca7ac901b6d35.gz
2008-08-28 22:18:54 -04:00
Evan Prodromou
54bee1b999
code for session token
...
darcs-hash:20080829015304-84dde-1c93203bdfbd4c1696cdd3c07212ff16a9f727dd.gz
2008-08-28 21:53:04 -04:00
Evan Prodromou
ff566a149d
add session token check to password change
...
darcs-hash:20080829014515-84dde-bce51f66ba0b3b4347a55a70b2b266b72c242304.gz
2008-08-28 21:45:15 -04:00
Evan Prodromou
cf3902d8ac
get language before setting it.
...
darcs-hash:20080828005323-84dde-8f69e1e6115faa544c22436539148dac53ed6f65.gz
2008-08-27 20:53:23 -04:00
Evan Prodromou
f3dc863d8f
don't do too many broadcasts or confirms before checking the message queue
...
darcs-hash:20080827142336-84dde-2bec2149d86900fd0291f8c00f85aa756842bbe1.gz
2008-08-27 10:23:36 -04:00
Evan Prodromou
9bdc7f8ec7
add back in a session start handler
...
darcs-hash:20080827135422-84dde-857d6e980e18803186d080a60eea60f1362bb348.gz
2008-08-27 09:54:22 -04:00
Evan Prodromou
b69b206c97
restoring upstream XMLStream.php after pulling ciarang's patch
...
darcs-hash:20080827133048-84dde-cb99ac89c65008a8832395684386518718247887.gz
2008-08-27 09:30:48 -04:00
CiaranG
b6d67b06d4
XMPP daemon that doesn't eat messages - note change to XMPPHP as well (Ticket #551 )
...
darcs-hash:20080826200057-f6e2c-fb9a88251d034824218d20b3fefcde96ddaef827.gz
2008-08-26 16:00:57 -04:00
Evan Prodromou
28ed510854
don't show unknown (debug) errors
...
darcs-hash:20080827132346-84dde-c5499ac960fbb28bced28ff9355846f7183fcb5c.gz
2008-08-27 09:23:46 -04:00
Evan Prodromou
108b1e7bfd
fixup whitespace
...
darcs-hash:20080827131603-84dde-7be64f28840a29c5833bc625aaf6cb8f07b891e5.gz
2008-08-27 09:16:03 -04:00
Evan Prodromou
44c1863f0e
import upstream XMPPHP with @ciarang's fix
...
darcs-hash:20080827124430-84dde-654751781702f5518153a01aa3dae4a8580b7f35.gz
2008-08-27 08:44:30 -04:00
Evan Prodromou
b1ff7d7a2b
fix error storing uris of remote notices
...
darcs-hash:20080826211108-84dde-b277bdb1476b9cec0c0d93fa8d565c4642ba16c8.gz
2008-08-26 17:11:08 -04:00
Evan Prodromou
4a28e70cf8
use notice URI if it's not local and it's an HTTP URL
...
darcs-hash:20080826210314-84dde-34d4eb71c7d74b65c0c4b486f345ed7d9301af15.gz
2008-08-26 17:03:14 -04:00
Evan Prodromou
0bc0568e66
only send local messages to public XMPP stream
...
darcs-hash:20080826205341-84dde-04c1641f4b9c5aa5318b76512664ee9df170d779.gz
2008-08-26 16:53:41 -04:00
Evan Prodromou
782fe0130f
optionally turn encryption on or off in the XMPP connection
...
For identi.ca, we had some problems with the XMPP daemon getting
"stuck" in I/O through the encrypted (by default) XMPP socket. Turning
off encryption helped. So, now it's an option.
darcs-hash:20080826131814-84dde-2c4a809c6fb666dfb4b96d0d61205fe418f4e4b4.gz
2008-08-26 09:18:14 -04:00
Evan Prodromou
4cc84c3225
never allow blank passwords
...
darcs-hash:20080825185245-84dde-f2ad86c1aedc2a42f7b468775234be53a7e84d5b.gz
2008-08-25 14:52:45 -04:00
Evan Prodromou
08a3c5ac7f
use better SQL date, fix security problem with OpenID logins
...
darcs-hash:20080825184104-84dde-5735c1791002a12c3417603dc85da31ea868f263.gz
2008-08-25 14:41:04 -04:00
Evan Prodromou
21e4fb864f
change DataObject_Cast to use sql_now
...
darcs-hash:20080825183005-84dde-c1d24a057d9545cc6d1f0dc21c5af4ea7316d8e9.gz
2008-08-25 14:30:05 -04:00
Evan Prodromou
cba4b50e44
use common_sql_now() instead of DB_DataObject_Cast
...
darcs-hash:20080825182338-84dde-ec0edef9469b294b7e23945f1bc7d810da988ed7.gz
2008-08-25 14:23:38 -04:00
Evan Prodromou
55b6e17ee1
use mb_strlen instead of strlen in xmpp daemon
...
darcs-hash:20080825173105-84dde-ea607521c78694fe558514b423f1c6dc0e70241e.gz
2008-08-25 13:31:05 -04:00
Evan Prodromou
3fda5a684f
notify user of remote subscriptions
...
darcs-hash:20080824200517-84dde-9662d89dbcd948e3ef7b7f8d4e82d90b4891c684.gz
2008-08-24 16:05:17 -04:00
Evan Prodromou
bf5176a711
big scarygram warning in config.php.sample about using DB_DataObject's debug mode
...
darcs-hash:20080824171202-84dde-fd3ed2b9645f2c2ec5439824dbc6f6a765c0a622.gz
2008-08-24 13:12:02 -04:00
Evan Prodromou
69e6e812b7
move README to main dir
...
darcs-hash:20080824113719-84dde-fce2da5de5de7cd76c001ac2c48b99edbedb80a8.gz
2008-08-24 07:37:19 -04:00
Evan Prodromou
a20a038542
be a little more liberal for sites that accidentally put whitespace before the xml decl
...
darcs-hash:20080824013803-84dde-9c5d9ce9c588cfb9baddae64366e3417f0a5fee9.gz
2008-08-23 21:38:03 -04:00
Evan Prodromou
7d6e1bb47f
request token is not readonly
...
darcs-hash:20080824011706-84dde-bf35373c3bfc631f8285f8630155195c3c5cc304.gz
2008-08-23 21:17:06 -04:00
CiaranG
192a673472
Prevent jabber.php error by checking key exists
...
darcs-hash:20080823053548-f6e2c-dfc8a0acd9fb8589ed37e54c7d0d3d38afff34f5.gz
2008-08-23 01:35:48 -04:00